…

Application Security Weekly (Audio)

…

Security Weekly Productions

About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.

#374

Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360

The MCP standard gave rise to dreams of interconnected agents and nightmares of what those... more

09 Dec 2025

1 HR 07 MINS

1:07:43

09 Dec 2025

#373

Making TN Critical Infrastructure the Most Secure in the Nation - T. Gwyddon 'Data' ("Gwee-thin") Ow...

For OT systems, uptime is paramount. That's a hard rule that makes maintaining, upgrading,... more

02 Dec 2025

59 MINS

59:02

02 Dec 2025

#372

Figuring Out Where to Start with Secure Code - ASW #358

What are your favorite resources for secure code? Co-hosts John Kinsella and Kalyani Pawar... more

25 Nov 2025

46 MINS

46:23

25 Nov 2025

#371

Secure Coding as Critical Thinking Instead of Vulnspotting - Matias Madou - ASW #357

Secure code should be grounded more in concepts like secure by default and secure by desig... more

18 Nov 2025

1 HR 03 MINS

1:03:41

18 Nov 2025

#370

Ransomware, Defaults, and Proactive Defenses - Rob Allen - ASW #356

Just how bad can things get if someone clicks on a link? Rob Allen joins us again to talk ... more

11 Nov 2025

1 HR 11 MINS

1:11:26

11 Nov 2025

#369

Researching and Remediating RCEs via GitHub Actions - Bar Kaduri, Roi Nisimi - ASW #355

Pull requests are a core part of collaboration, whether in open or closed source. GitHub h... more

04 Nov 2025

1 HR 08 MINS

1:08:08

04 Nov 2025

#368

Quantum Computing Isn't A Threat To Blockchains - Yet - Martha Bennett, Sandy Carielli - ASW #354

The post quantum encryption migration is going to be a challenge, but how much of a challe... more

28 Oct 2025

58 MINS

58:52

28 Oct 2025

#367

Reacting to Ransomware and Setting Secure Defaults - Rob Allen - ASW #353

Ransomware attacks typically don't care about memory safety and dependency scanning, they ... more

21 Oct 2025

1 HR 03 MINS

1:03:39

21 Oct 2025

#366

Inside the OWASP GenAI Security Project - Steve Wilson - ASW #352

Interest and participation in the OWASP GenAI Security Project has exploded over the last ... more

14 Oct 2025

1 HR 07 MINS

1:07:32

14 Oct 2025

#365

Finding Large Bounties with Large Language Models - Nico Waisman - ASW #351

Software has forever had flaws and humans have forever been finding and fixing them. With ... more

07 Oct 2025

53 MINS

53:52

07 Oct 2025

#364

Changing the Vuln Conversation from Volume to Remediation - Francesco Cipollone - ASW #350

Dealing with vulns tends to be a discussion about prioritization. After all, there a tons ... more

30 Sep 2025

1 HR 14 MINS

1:14:32

30 Sep 2025

#363

Design Errors in Entra ID, Design Defenses in iOS, Design Difficulties in DeepSeek - ASW #349

In the news, Microsoft encounters a new cascade of avoidable errors with Entra ID, Apple i... more

23 Sep 2025

58 MINS

58:43

23 Sep 2025

#362

How OWASP's GenAI Security Project keeps up with the pace of AI/Agentic changes - Scott Clinton - AS...

This week, we chat with Scott Clinton, board member and co-chain of the OWASP GenAI Securi... more

16 Sep 2025

1 HR 08 MINS

1:08:00

16 Sep 2025

#361

Limitations and Liabilities of LLM Coding - Seemant Sehgal, Ted Shorter - ASW #347

Up first, the ASW news of the week. At Black Hat 2025, Doug White interviews Ted Shorter, ... more

09 Sep 2025

1 HR 17 MINS

1:17:09